The Chili’s breach may have occurred between March and April 2018, Brinker indicated. Chili’s officials said they believe malware was used to obtain customers’ payment card information, including credit or debit card numbers and cardholder names, from the company’s payment-related systems for in-restaurant purchases.

Upon learning about the breach, Chili’s activated its response plan, Brinker pointed out. Chili’s is working with third-party forensics experts to investigate the data breach, and law enforcement has been notified about the incident.

The investigation into the Chili’s data breach is ongoing, Brinker noted. Chili’s also is working to provide fraud resolution and credit monitoring services to customers who may have been affected by the breach.

Chili’s has more than 1,300 locations in 33 countries, and the restaurant chain serves more than 281 million customers annually.

Applebee’s, Sonic Drive-In Suffer POS Data Breaches

Applebee’s in March discovered and removed malware on POS systems across nearly 170 restaurant locations, according to a security & data incident notice from parent company RMH Franchise Holdings. The malware was found on Feb. 13, 2018 and enabled cybercriminals to capture customers’ credit or debit card numbers, cardholder names and other payment card information.